Cookie Policy - Work Stack Manager

This Cookie Policy explains how Work Stack Manager ("we", "us", or "our") uses cookies and similar technologies when you visit workstackmanager.com or use our service.

We have written this policy to be straightforward and honest. Work Stack Manager uses a minimal number of cookies — only those necessary to make the service function correctly.

1. What Are Cookies?

Cookies are small text files that a website stores on your device when you visit. They are widely used to make websites work correctly, remember your preferences, and provide a better user experience.

Cookies are not programs and cannot carry viruses or install malware. They can only be read by the website that created them and are subject to strict browser security controls.

2. Cookies We Use

Work Stack Manager uses only strictly necessary cookies. We do not use advertising cookies, tracking cookies, or third-party analytics cookies.

Session Cookie

Name	`PHPSESSID`
Purpose	Maintains your authenticated session while you are logged in. Without this cookie the Service cannot identify you between page requests.
Type	Strictly necessary
Expiry	24 hours of inactivity, or when you log out
Provider	workstackmanager.com
Third party	No

CSRF Security Token

Name	Stored within the session cookie
Purpose	Protects forms against Cross-Site Request Forgery (CSRF) attacks by verifying that form submissions originate from our own pages.
Type	Strictly necessary
Expiry	With the session
Third party	No

That's it. We do not set any advertising, analytics, social media, or tracking cookies. The table above represents the complete list of cookies used by Work Stack Manager.

3. Mobile API Access

When you access Work Stack Manager through the API using a mobile client or third-party application, authentication is handled via a JSON Web Token (JWT) rather than a session cookie. In this case, no session cookie is set on your device. The JWT is stored and managed by the client application, not by us.

4. Managing Cookies

Because we use only strictly necessary cookies, there is no cookie consent banner on Work Stack Manager — these cookies are required for the service to function and do not require your consent under most privacy regulations.

You can control and delete cookies through your browser settings. Please be aware that disabling the session cookie will prevent you from logging in to Work Stack Manager. Instructions for common browsers:

5. Cookie Security

Our session cookie is set with the following security attributes to protect your account:

HttpOnly — the cookie cannot be accessed by JavaScript, protecting against cross-site scripting (XSS) attacks
Secure — the cookie is only transmitted over HTTPS connections, never over plain HTTP
SameSite — the cookie is restricted to same-site requests, providing additional CSRF protection
Strict mode — the session is managed in strict mode, preventing session fixation attacks

6. Changes to This Policy

We may update this Cookie Policy from time to time, for example if we introduce new features that require additional cookies. We will update the date at the top of this page when changes are made. As we use only strictly necessary cookies, material changes are unlikely.

7. Contact Us

If you have any questions about our use of cookies, please contact us:

Work Stack Manager

info@workstackmanager.com

workstackmanager.com

Related Policies

Privacy Policy

How we collect, use, and protect your personal information.

Terms of Service

The rules and conditions governing use of the Service.